Skip to content
Auto-CTI

What has changed?

Comparing 1 July 2026 with the previous day 30 June 2026.

Newly added

111
NEW A2
98

CVE-2026-50521

The vulnerability requires prior network authorization and is covered by standard NVD reporting without active exploitation or geopolitical dimension.

Critical CVSS 8.3 EPSS 0%
B3
75

25th May , Threat Intelligence Report

Check Point documents a 124% surge in hacktivism and ransomware across Germany, Austria, and Switzerland in 2025,a strategically significant shift in the DACH threat landscape for manufacturing organizations.

Critical
A3
20

[UPDATE] GNU libc: Multiple Vulnerabilities

BSI alert on multiple GNU libc vulnerabilities with broad impact on all Linux systems in production environments; urgency and details depend on the severity level of the underlying CVEs.

High
A3
20

Ubiquiti UniFi OS Server: Multiple Vulnerabilities

BSI warns of multiple critical vulnerabilities in Ubiquiti UniFi OS Server enabling remote code execution and data compromise , a direct threat to network infrastructure requiring urgent patching.

High
NEW C3
20

Massive Password Spray Campaign Targeting Azure CLI

Massive credential-spraying attack with 81 million login attempts against Azure CLI indicates coordinated attacks on cloud infrastructure; LSHIY hosting provider as attack infrastructure suggests organized threat actors.

High
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

The BSI warning describes multiple OpenSSL vulnerabilities without specific CVE designations or severity levels , a typical aggregated security alert for critical infrastructure, but requires clarification for prioritization.

High
A3
20

7-Zip: Vulnerability Enables Code Execution

A newly discovered RCE vulnerability in 7-Zip when processing NTFS archives requires user interaction but poses significant risk in manufacturing environments where archives are frequently exchanged.

High
NEW B3
12

ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365

ARToken is a fully automated PhaaS panel with 80+ API endpoints for targeted Microsoft 365 phishing, including persistent token acquisition via Microsoft Authentication Broker and SharePoint exfiltration , an escalated threat model compared to earlier EvilTokens reporting.

High
A3
0

Microsoft Edge: Multiple Vulnerabilities

The advisory contains no CVE numbers or specific vulnerability details; this is a generic precautionary notice without current exploitation evidence.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

20
KEV NEW C1
93

BlueHammer Vulnerability Exploited in Ransomware Attacks

A Microsoft Defender vulnerability is being actively exploited by ransomware groups, yet CISA does not proactively notify users when KEV-listed vulnerabilities enter active exploitation by ransomware campaigns.

Critical CVSS 7.8 EPSS 7%
NEW C3
63

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

Attackers actively exploit an authentication bypass in SimpleHelp to deliver malware that specifically targets developer credentials, SSH keys, and cryptocurrency wallets,suggesting supply-chain and development-pipeline targeting.

Critical
NEW A3
47

[UPDATE] GNU libc: Multiple Vulnerabilities

BSI warning on critical GNU libc vulnerabilities affecting all Linux systems in production environment; prioritization of security updates required.

Critical
Russian ransomware group (identity unclear, but linked to eCrime operations) C3
32

An update on FortiBleed , what's happening with victim orgs

A significant number of Fortigate customers are already compromised via dormant admin accounts planted by ransomware groups , strategic backdoor infrastructure for future attacks.

Critical
A3
20

[UPDATE] 7-Zip: Multiple Vulnerabilities

BSI alert on multiple critical vulnerabilities in 7-Zip enabling local and remote code execution; patch status and affected versions should be verified.

High
NEW B3
0

What's new in Microsoft Security: June 2026

Microsoft introduces agent-based AI systems (MDASH) for automated vulnerability discovery and extends threat protection to AWS databases alongside enhanced identity backup capabilities.

Medium
ESC